As a security measure, we need to force all the users to use MD5 encryped passwords. For that we need to list users whose encrypted password is not MD5. I understand all MD5 encrypted passwords start with $1$ and a sample entry in /etc/shadow would be
I tried grep -v ":$1$" /etc/shadow and grep -v ":\$1\$" /etc/shadow and grep -v :\$1\$ /etc/shadow to list the entries without MD5 encryption but no luck (none of them give expected output)
Please advise the correct way to get the user list without MD5 encrypted passwords. Thank you!
What platform are you on? Most pam-compatible systems allow the sysadmin to specify the encryption algorithm.
So before we go further, do you have a lot of users with root access? If not, then why have you not already specified the encryption algorithm? After that, you should have expired all passwords, thus forcing them to use your specified algorithm. Problem solved, IMO.
And if you have users with root access you cannot stop them from doing pretty much anything they please.
As you can see, I do not think what you are trying to do, as stated, is going to help much. So we need to know more.
As to your question: fgrep or grep -F tells grep not to use regex.
Code:
grep -F ':$1$' /etc/shadow
awk works, too:
Code:
awk -F':' 'index($2, "$1$")==1' /etc/shadow
Last edited by jim mcnamara; 12-03-2015 at 10:28 PM..
Hello, on my android device my app autosaves my password and it encrypts by TLS
im not politically exposed person, just regular entrepreneur. Should i worry if i loose my phone with TLS encrypted password? Or regular mortals or casual hackers are not able to crack it? (4 Replies)
How to keep encrypted password in a shell script.?
I have the file which has the following:
a.sh
-----
username=abc
password=abc
I will be using this username and password in another script. But I don't want to reveal the password in the script. How to keep the password... (3 Replies)
i have an application that uses the encrypted password that's in the /etc/shadow file.
i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios.
this application allowed that... (5 Replies)
Hi,
Is it possible to convert MD5 passwords to SHA-512?
I'm about to migrate an old slackware server to Debian, then I noticed that they don't use same encryption method.
I'm aware that I can change the encryption method in Debian to MD5, but as far as I understand SHA-512 is more secure,... (2 Replies)
Hi
I wonder whether is possible to generate enrypted passwd for some user and paste it into /etc/shadow file ?
What kind of encryption is used in /etc/shadow file ?
ths for help. (1 Reply)
Hi folks,
What will be the easy way to decrypt encrypted passwords on MySQL table. Googling brought me many suggestions on crypt/decrypt running scripts. Please advise. TIA
Remark:
I think the encrypt function of MySQL uses the Unix crypt command to encrypt
B.R.
satimis (1 Reply)
Hello everyone and let me start off by thanking anyone who can help with this.
I work for a company that uses Unix as one of their servers. I'm not at all familar with Unix beyond logging after I restart the server:rolleyes: I'm looking for some command that will bring me up a list of current... (3 Replies)
I'm tasked to change a user's password on multiple Linux systems (RH v3). I though copying the encrypted password from one Linux /etc/shadow file to another would work but I was wrong.
The long term solution is to establish an openLDAP Directory service, but for now I'm stuck with a manual... (1 Reply)
Hi,
I do not want the plaintext password to appear in the netrc file. So I want to encrypt the password. Is there a way to encrypt the password and still make ftp to use the netrc ?
Thanks in advance.
-Gow:confused: (2 Replies)
